- 29 4月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/952)
-
- 20 4月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Add copyright to most .pl files This does NOT cover any .pl file that has other copyright in it. Most of those are Andy's but some are public domain. Fix typo's in some existing files. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 16 4月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Make X509_OBJECT, X509_STORE_CTX, X509_STORE, X509_LOOKUP, and X509_LOOKUP_METHOD opaque. Remove unused X509_CERT_FILE_CTX Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 15 4月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Travis identified a problem with freeing the ex_data locks which wasn't quite right in ff234405. Trying to fix it identified a further problem: the ex_data locks are cleaned up by OPENSSL_cleanup(), which is called explicitly by CRYPTO_mem_leaks(), but then later the BIO passed to CRYPTO_mem_leaks() is freed. An attempt is then made to use the ex_data lock already freed. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 14 4月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Running a "make update" wanted to add err_cleanup to libcrypto.num which is wrong. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Some locks were not being properly cleaned up during close down. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 13 4月, 2016 9 次提交
-
-
由 Richard Levitte 提交于
Don't expose purely libcrypto internal symbols, even to libssl. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
There is a preference for suffixes to indicate that a function is internal rather than prefixes. Note: the suffix is only required to disambiguate internal functions and public symbols with the same name (but different case) Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
There was a lot of naming inconsistency, so we try and standardise on one form. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
ENGINE_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
OBJ_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
EVP_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
CRYPTO_cleanup_all_ex_data() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
RAND_cleanup() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
ERR_free_strings() should not be called expicitly - we should leave auto-deinit to clean this up instead. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 05 4月, 2016 2 次提交
-
-
由 Rich Salz 提交于
This reverts commit 620d540b. It wasn't reviewed. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 FdaSilvaYY 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 21 3月, 2016 3 次提交
-
-
由 Rich Salz 提交于
Don't have #error statements in header files, but instead wrap the contents of that file in #ifndef OPENSSL_NO_xxx This means it is now always safe to include the header file. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Merge ct_int.h into ct_locl.h Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
由 Rich Salz 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 12 3月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 11 3月, 2016 3 次提交
-
-
由 Kurt Roeckx 提交于
They are not numbers in the machine byte order. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Kurt Roeckx 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Bill Cox 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 10 3月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
A line from cryptlib.h was missed during the old Thread API removal. This breaks no-deprecated builds. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 09 3月, 2016 2 次提交
-
-
由 Alessandro Ghedini 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Alessandro Ghedini 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 08 3月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
We had the function EVP_CIPHER_CTX_cipher_data which is newly added for 1.1.0. As we now also need an EVP_CIPHER_CTX_set_cipher_data it makes more sense for the former to be called EVP_CIPHER_CTX_get_cipher_data. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Dr. Stephen Henson 提交于
Make PKCS8_PRIV_KEY_INFO opaque. Several accessor functions already exist for this structure. Two new ones were added to handle attributes. The old handling of broken formats has been removed and the corresponding structures simplified. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 07 3月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
The 0x00010000L OPENSSL_INIT flag appeared twice. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 clucey 提交于
1. Cleaned up eventfd handling 2. Reworked socket setup code to allow other algorithms to be added in future 3. Fixed compile errors for static build 4. Added error to error stack in all cases of ALG_PERR/ALG_ERR 5. Called afalg_aes_128_cbc() from bind() to avoid race conditions 6. Used MAX_INFLIGHT define in io_getevents system call 7. Coding style fixes Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 04 3月, 2016 2 次提交
-
-
由 Rob Percival 提交于
Reviewed-by: NBen Laurie <ben@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Alessandro Ghedini 提交于
This patch implements the HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in RFC 5869. It is required to implement the QUIC and TLS 1.3 protocols (among others). Signed-off-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 03 3月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
The global thread local keys were not being deinited properly in async. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 02 3月, 2016 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Rob Percival 提交于
Tests included in future commit, which adds CT policy validation. Reviewed-by: NBen Laurie <ben@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 01 3月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
In the BN_hex2bn function the number of hex digits is calculated using an int value |i|. Later |bn_expand| is called with a value of |i * 4|. For large values of |i| this can result in |bn_expand| not allocating any memory because |i * 4| is negative. This leaves ret->d as NULL leading to a subsequent NULL ptr deref. For very large values of |i|, the calculation |i * 4| could be a positive value smaller than |i|. In this case memory is allocated to ret->d, but it is insufficiently sized leading to heap corruption. A similar issue exists in BN_dec2bn. This could have security consequences if BN_hex2bn/BN_dec2bn is ever called by user applications with very large untrusted hex/dec data. This is anticipated to be a rare occurrence. All OpenSSL internal usage of this function uses data that is not expected to be untrusted, e.g. config file data or application command line arguments. If user developed applications generate config file data based on untrusted data then it is possible that this could also lead to security consequences. This is also anticipated to be a rare. Issue reported by Guido Vranken. CVE-2016-0797 Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 27 2月, 2016 1 次提交
-
-
由 Rob Percival 提交于
Reviewed-by: NBen Laurie <ben@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 26 2月, 2016 1 次提交
-
-
由 Adam Eijdenberg 提交于
Reviewed-by: NBen Laurie <ben@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 24 2月, 2016 1 次提交
-
-
由 David Woodhouse 提交于
The entire contents of <internal/bn_conf.h> are unwanted in the UEFI build because we have to do it differently there. To support building for both 32-bit and 64-bit platforms without re-running the OpenSSL Configure script, the EDK2 environment defines THIRTY_TWO_BIT or SIXTY_FOUR_BIT for itself according to the target platform. The current setup is broken, though. It checks for OPENSSL_SYS_UEFI but before it's actually defined, since opensslconf.h hasn't yet been included. Let's fix that by including opensslconf.h. And also let's move the bn_conf.h doesn't even need to *exist* in the UEFI build environment. This is also GH PR736. Signed-off-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org>
-